<?php

$mFormRollback = new FormRecovery($_POST);
$mValidation = new InputValidation();
$mFunction = new Fungsi();


$mAct = 'edt';

//SETUP PASSWORD
$mValidation->SetInput($_POST['fCurrentPassword']);
$mValidation->SetPattern(pPass);
$tCurrentPassword = $mValidation->CheckValidation();

$mValidation->SetInput($_POST['fNewPassword']);
$mValidation->SetPattern(pPass);
$tPassword = $mValidation->CheckValidation();

$mValidation->SetInput($_POST['fConfirmPassword']);
$mValidation->SetPattern(pPass);
$tRePassword = $mValidation->CheckValidation();
////

//SETUP PERSON
$mUser = new CoreUser($_SESSION['User']['Id']);
////

//$tGoto= "main.php?menu=11&submenu=111";
if ($mAct == 'edt' && $tPassword && ($tPassword === $tRePassword)) {
    //SETUP LOGGED USER
    $mLogged = new Logged();
    $mLogged->SetUsername($_SESSION['User']['Username']);
    $mLogged->SetPassword($tCurrentPassword);

    //CHECK: Password lama benar
    $tResCheckPassword = $mLogged->CheckPassword($tError);
    ////

    
    if ($tResCheckPassword === true) {
        //BUAT PASSWORD BARU
        $mLogged->SetPassword($tPassword);
        $tSalt = $mLogged->GenerateSalt();
        $tPwdHash = $mLogged->GeneratePasswordHash($tSalt);

        $mFunction->SetVariableToMultiFormVariableSupport('fPersonId', $_SESSION['User']['Id'], false, false);
        $mFunction->SetVariableToMultiFormVariableSupport('fCurrentPKValue', $_SESSION['User']['Id'], false, false);
        $mFunction->SetVariableToMultiFormVariableSupport('fPasswordHash', $tPwdHash, false, false);
        $mFunction->SetVariableToMultiFormVariableSupport('fSalt', $tSalt, false, false);

        //EXECUTE
        $mData = new DBQueryExecute();
        $mData->SetTargerURL("main.php?menu=99&submenu=311");

        //SETUP Nama Tabel
        $mData->SetTableName("app_user");
        $mData->SetMultiForm(false);

        $mData->SetPrimaryKey('person_id', 'fPersonId', pUserId);
        $mData->SetField('pwd', 'fPasswordHash', pPass);
        $mData->SetField('salt', 'fSalt', pUnsignedInt);
        
        //echo '<br>$mUser->GetLevel()= ' . $mUser->GetLevel();
        //echo '<br>$mUser->GetUsername()= ' . $mUser->GetUsername();
        //echo '<br>$mUser->GetUserId()= ' . $mUser->GetUserId();
        //echo '<br>$tSalt= ' . $tSalt;
        //echo '<br>$tPassword= ' . $tPassword;
        $mData->SetValiditas($mUser->GetLevel() . "|" . $mUser->GetUsername() . "|" . $mUser->GetUserId() . "|" . $tSalt);


        if (!$mData->GetError())
            $tResult = $mData->ExecuteQuery($mAct);
    }
    else {
        echo 'password salah';
    }
} else {
    if (!$mAct && $_POST['act']) {
        // ERROR: aksi tidak diketahui. kemungkinan diubah oleh user
    } else {
        // ERROR: nilai aksi tidak didefinisikan
    }
}
?>
